$ rpki-client -vvf repo-rpki.idnic.net/repo/8d03af01-f239-4a1f-81cd-4106bebb2a22/0/F8DF40E4C95F9EBF81453870736995E91BBB92F7.mft File: F8DF40E4C95F9EBF81453870736995E91BBB92F7.mft (raw, json) Hash identifier: dGU9uoUd99pstyhR3272oBeKzUOzmCR41oFyohT6158= Subject key identifier: EF:5F:33:B8:4E:00:14:E2:29:FB:80:6C:36:23:74:0C:9F:7A:E2:86 Authority key identifier: F8:DF:40:E4:C9:5F:9E:BF:81:45:38:70:73:69:95:E9:1B:BB:92:F7 Certificate issuer: /CN=F8DF40E4C95F9EBF81453870736995E91BBB92F7 Certificate serial: 30D7DE099E10E67EF29F16687C9FB6F54D523E94 Authority info access: rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F8DF40E4C95F9EBF81453870736995E91BBB92F7.cer Subject info access: rsync://repo-rpki.idnic.net/repo/8d03af01-f239-4a1f-81cd-4106bebb2a22/0/F8DF40E4C95F9EBF81453870736995E91BBB92F7.mft Manifest number: 028E Signing time: Mon 03 Nov 2025 06:40:02 +0000 Manifest this update: Mon 03 Nov 2025 06:35:02 +0000 Manifest next update: Thu 06 Nov 2025 11:43:02 +0000 Files and hashes: 1: 3130332e3234302e3130382e302f32322d3234203d3e203538383139.roa (hash: XeC/h72IOu7dA+NCUWie+KTWNqBhpQyXbuk3uFJs7XQ=) 2: F8DF40E4C95F9EBF81453870736995E91BBB92F7.crl (hash: J0VglM89MLk7/ePhMYrK1l/rF+vToV7XnLqhzUxz5H8=) 3: 3130332e3234302e3130392e302f32342d3234203d3e203538383139.roa (hash: yBAmYPcX6Hw9g9sbt5o4PVcLnMdm+J2PfCuUjXQ0T5g=) 4: 3130332e3234302e3131302e302f32342d3234203d3e203538383139.roa (hash: oOGj5tlcgCuOuQ6ORsdrfX31aFz0B3FN8fvqd8j5T/A=) 5: 3130332e3234302e3130382e302f32342d3234203d3e203538383139.roa (hash: R48/rgbNCjjp4lN8u0WLGy1+WSaMSCFGbeTToOjbzmw=) 6: 3130332e3234302e3131312e302f32342d3234203d3e203538383139.roa (hash: LrqOLogV2pqJm1JD+jgGDFnoqudanN5BU7ote6ngSrk=) Validation: OK Signature path: rsync://repo-rpki.idnic.net/repo/8d03af01-f239-4a1f-81cd-4106bebb2a22/0/F8DF40E4C95F9EBF81453870736995E91BBB92F7.crl rsync://repo-rpki.idnic.net/repo/8d03af01-f239-4a1f-81cd-4106bebb2a22/0/F8DF40E4C95F9EBF81453870736995E91BBB92F7.mft rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F8DF40E4C95F9EBF81453870736995E91BBB92F7.cer rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.crl rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/BA8F77D21E58FE9C939A6B70E2585617E183376B.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/uo930h5Y_pyTmmtw4lhWF-GDN2s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 06 Nov 2025 11:43:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 30:d7:de:09:9e:10:e6:7e:f2:9f:16:68:7c:9f:b6:f5:4d:52:3e:94 Signature Algorithm: sha256WithRSAEncryption Issuer: CN=F8DF40E4C95F9EBF81453870736995E91BBB92F7 Validity Not Before: Nov 3 06:35:02 2025 GMT Not After : Nov 6 11:43:02 2025 GMT Subject: CN=EF5F33B84E0014E229FB806C3623740C9F7AE286 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:7e:a8:78:bd:b1:3b:1c:6d:de:a3:4f:11:5e: c5:87:38:b6:dc:ad:5b:24:2c:a1:cb:08:2b:e7:8f: 08:d0:6d:fe:45:a2:db:d0:ec:58:10:6b:3a:02:e6: a3:bb:28:c4:b5:71:73:59:43:f2:bf:77:97:e7:ae: 5e:5c:ea:33:8c:1b:81:3c:b4:80:e5:1e:a0:ed:c3: c4:e7:d4:da:16:bd:fd:0a:c9:ee:db:b0:5e:24:85: a3:d1:b0:23:6c:39:ea:b8:a1:ad:d4:14:a8:c2:a8: cd:11:50:00:53:64:e7:41:9b:cf:a7:07:dc:81:9d: ae:53:ed:a7:e1:54:c5:14:cd:37:f9:03:ac:a5:9e: a9:e2:38:22:7d:a5:db:1c:f9:fd:bd:4b:2e:08:68: d3:d2:67:f6:03:36:9b:38:11:5b:7e:34:44:ee:a7: d2:57:58:0f:62:55:8b:58:ea:5e:33:99:d0:a6:97: 40:ca:a6:8b:ae:25:b8:e8:70:f4:f9:0d:4e:d2:8a: 08:e6:79:06:93:6a:38:8f:53:ab:29:8d:cd:7e:33: f9:a0:15:fa:e1:90:d2:32:c4:00:75:3b:73:47:29: 87:55:61:bf:90:cc:f5:85:c2:28:12:48:4c:0b:ed: 8d:22:ca:26:51:4a:ae:76:d4:0d:01:2d:a6:9e:2c: c4:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:5F:33:B8:4E:00:14:E2:29:FB:80:6C:36:23:74:0C:9F:7A:E2:86 X509v3 Authority Key Identifier: keyid:F8:DF:40:E4:C9:5F:9E:BF:81:45:38:70:73:69:95:E9:1B:BB:92:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://repo-rpki.idnic.net/repo/8d03af01-f239-4a1f-81cd-4106bebb2a22/0/F8DF40E4C95F9EBF81453870736995E91BBB92F7.crl Authority Information Access: CA Issuers - URI:rsync://repo-rpki.idnic.net/repo/IDNIC-ID/2/F8DF40E4C95F9EBF81453870736995E91BBB92F7.cer Subject Information Access: Signed Object - URI:rsync://repo-rpki.idnic.net/repo/8d03af01-f239-4a1f-81cd-4106bebb2a22/0/F8DF40E4C95F9EBF81453870736995E91BBB92F7.mft X509v3 Certificate Policies: critical Policy: ipAddr-asNumber sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit Signature Algorithm: sha256WithRSAEncryption 3f:f7:de:9a:26:8a:20:9c:11:7f:d4:4e:9e:2d:09:3f:1c:da: 36:50:4d:6b:68:53:36:a9:84:59:86:75:d5:ae:aa:cf:55:c8: 8d:b8:83:0b:ee:ae:b0:06:26:93:30:b4:c1:d1:e8:6b:19:9d: 1b:e7:00:4c:2f:b5:ca:ee:ec:15:d2:68:fb:24:9f:b2:f1:7a: 5c:45:06:f2:ee:89:22:b6:b7:e9:5b:19:be:61:e1:8d:1e:97: 85:25:dc:26:f5:94:26:22:4a:26:97:f9:ab:ff:99:29:9b:c1: a8:04:7c:1f:c0:a5:3b:2a:5c:e7:ae:90:53:3a:4b:0a:f1:dc: ff:ef:b0:39:7d:9a:7a:60:8f:f1:4f:d2:97:94:4d:4d:3b:93: c9:a3:3d:f8:03:51:91:dc:cc:2e:ee:ae:d9:2e:84:f7:ff:19: ce:66:56:fd:45:c9:a8:f0:0b:11:f5:1f:7f:cd:4d:69:7c:64: e2:9c:14:66:0d:d2:da:ad:25:d9:b4:4b:f0:13:ff:27:fb:06: 50:1d:a0:60:81:56:d2:d0:06:86:db:7b:19:01:70:ae:1f:ea: 1b:28:03:b7:a6:0d:f1:76:53:12:bb:2e:07:fa:29:87:b1:23: 97:82:68:c1:d5:08:69:f1:72:ff:77:71:52:e5:a3:3a:48:d9: 7e:c4:3e:d6 -----BEGIN CERTIFICATE----- MIIFMjCCBBqgAwIBAgIUMNfeCZ4Q5n7ynxZofJ+29U1SPpQwDQYJKoZIhvcNAQEL BQAwMzExMC8GA1UEAxMoRjhERjQwRTRDOTVGOUVCRjgxNDUzODcwNzM2OTk1RTkx QkJCOTJGNzAeFw0yNTExMDMwNjM1MDJaFw0yNTExMDYxMTQzMDJaMDMxMTAvBgNV BAMTKEVGNUYzM0I4NEUwMDE0RTIyOUZCODA2QzM2MjM3NDBDOUY3QUUyODYwggEi MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDyfqh4vbE7HG3eo08RXsWHOLbc rVskLKHLCCvnjwjQbf5FotvQ7FgQazoC5qO7KMS1cXNZQ/K/d5fnrl5c6jOMG4E8 tIDlHqDtw8Tn1NoWvf0Kye7bsF4khaPRsCNsOeq4oa3UFKjCqM0RUABTZOdBm8+n B9yBna5T7afhVMUUzTf5A6ylnqniOCJ9pdsc+f29Sy4IaNPSZ/YDNps4EVt+NETu p9JXWA9iVYtY6l4zmdCml0DKpouuJbjocPT5DU7SigjmeQaTajiPU6spjc1+M/mg FfrhkNIyxAB1O3NHKYdVYb+QzPWFwigSSEwL7Y0iyiZRSq521A0BLaaeLMTVAgMB AAGjggI8MIICODAdBgNVHQ4EFgQU718zuE4AFOIp+4BsNiN0DJ964oYwHwYDVR0j BBgwFoAU+N9A5Mlfnr+BRThwc2mV6Ru7kvcwDgYDVR0PAQH/BAQDAgeAMIGFBgNV HR8EfjB8MHqgeKB2hnRyc3luYzovL3JlcG8tcnBraS5pZG5pYy5uZXQvcmVwby84 ZDAzYWYwMS1mMjM5LTRhMWYtODFjZC00MTA2YmViYjJhMjIvMC9GOERGNDBFNEM5 NUY5RUJGODE0NTM4NzA3MzY5OTVFOTFCQkI5MkY3LmNybDB0BggrBgEFBQcBAQRo MGYwZAYIKwYBBQUHMAKGWHJzeW5jOi8vcmVwby1ycGtpLmlkbmljLm5ldC9yZXBv L0lETklDLUlELzIvRjhERjQwRTRDOTVGOUVCRjgxNDUzODcwNzM2OTk1RTkxQkJC OTJGNy5jZXIwgZMGCCsGAQUFBwELBIGGMIGDMIGABggrBgEFBQcwC4Z0cnN5bmM6 Ly9yZXBvLXJwa2kuaWRuaWMubmV0L3JlcG8vOGQwM2FmMDEtZjIzOS00YTFmLTgx Y2QtNDEwNmJlYmIyYTIyLzAvRjhERjQwRTRDOTVGOUVCRjgxNDUzODcwNzM2OTk1 RTkxQkJCOTJGNy5tZnQwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAhBggrBgEF BQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMBUGCCsGAQUFBwEIAQH/BAYwBKAC BQAwDQYJKoZIhvcNAQELBQADggEBAD/33pomiiCcEX/UTp4tCT8c2jZQTWtoUzap hFmGddWuqs9VyI24gwvurrAGJpMwtMHR6GsZnRvnAEwvtcru7BXSaPskn7LxelxF BvLuiSK2t+lbGb5h4Y0el4Ul3Cb1lCYiSiaX+av/mSmbwagEfB/ApTsqXOeukFM6 Swrx3P/vsDl9mnpgj/FP0peUTU07k8mjPfgDUZHczC7urtkuhPf/Gc5mVv1Fyajw CxH1H3/NTWl8ZOKcFGYN0tqtJdm0S/AT/yf7BlAdoGCBVtLQBobbexkBcK4f6hso A7emDfF2UxK7Lgf6KYexI5eCaMHVCGnxcv93cVLlozpI2X7EPtY= -----END CERTIFICATE-----Generated at Tue Nov 4 21:08:28 2025 by rpki-client